package com.woniuxy.configuration;

import java.util.*;

import com.woniuxy.realm.CoachRealm;
import com.woniuxy.realm.CustomizedModularRealmAuthenticator;
import com.woniuxy.realm.VenueRealm;
import org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import com.woniuxy.realm.UserRealm;

/**
 * 吴毛伟原生态制造
 */
@Configuration
public class ShiroConfiguration {
	//realm
	@Bean	//默认将方法名作为id		
	public UserRealm realm(){
		UserRealm realm = new UserRealm();
		//开启缓存
		realm.setCachingEnabled(true);
		//设置认证缓存
		realm.setAuthenticationCachingEnabled(true);
		realm.setAuthenticationCacheName("abc");
		//设置授权的缓存
		realm.setAuthorizationCachingEnabled(true);
		realm.setAuthorizationCacheName("cba");
		
		return realm;
	}
	//coachRealm
	@Bean	//默认将方法名作为id
	public CoachRealm coachRealm(){
		CoachRealm coachRealm = new CoachRealm();
		//开启缓存
		coachRealm.setCachingEnabled(true);
		//设置认证缓存
		coachRealm.setAuthenticationCachingEnabled(true);
		coachRealm.setAuthenticationCacheName("abc");
		//设置授权的缓存
		coachRealm.setAuthorizationCachingEnabled(true);
		coachRealm.setAuthorizationCacheName("cba");

		return coachRealm;
	}

	//venueRealm
	@Bean	//默认将方法名作为id
	public VenueRealm venueRealm(){
		VenueRealm venueRealm = new VenueRealm();
		//开启缓存
		venueRealm.setCachingEnabled(true);
		//设置认证缓存
		venueRealm.setAuthenticationCachingEnabled(true);
		venueRealm.setAuthenticationCacheName("abc");
		//设置授权的缓存
		venueRealm.setAuthorizationCachingEnabled(true);
		venueRealm.setAuthorizationCacheName("cba");

		return venueRealm;
	}
	/**
	 * 系统自带的Realm管理，主要针对多realm 认证
	 */
	@Bean
	public ModularRealmAuthenticator modularRealmAuthenticator() {
		//自己重写的ModularRealmAuthenticator
		CustomizedModularRealmAuthenticator modularRealmAuthenticator = new CustomizedModularRealmAuthenticator();
		modularRealmAuthenticator.setAuthenticationStrategy(new AtLeastOneSuccessfulStrategy());
		return modularRealmAuthenticator;
	}

	//securityManager
	@Bean	//参数的名字要与上边方法的名字保持一致
	public SecurityManager securityManager() {
		DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
		List<Realm> realms = new ArrayList<>();
		realms.add(realm());
		realms.add(coachRealm());
		realms.add(venueRealm());
		manager.setAuthenticator(modularRealmAuthenticator());
		//设置realms
		manager.setRealms(realms);
		//直接调方法获取缓存管理器
		manager.setCacheManager(ehCacheManager());
		return manager;
	}
	
	//过滤器
	@Bean
	public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
		ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
		//设置安全管理器
		factoryBean.setSecurityManager(securityManager);
		//登录页面
//		factoryBean.setLoginUrl("/index/index.html");
		//没权限时显示的页面
		factoryBean.setUnauthorizedUrl("/error/500.html");
		//设置过滤器链
		Map<String, String> map = new LinkedHashMap<>();	//有序
		//设置
		map.put("/static/**", "anon");//放行静态资源
		map.put("/index/**","anon");
		map.put("/user/login.html", "anon");
		map.put("/user/register", "anon");
		map.put("/user/regist.html", "anon");
		map.put("/user/loginByUname", "anon");
		map.put("/user/sendCode", "anon");
		map.put("/user/loginByPhoneNum", "anon");
		map.put("/user/login2.html", "anon");
		map.put("/user/index.html", "anon");
		map.put("/coach/login.html", "anon");
		map.put("/coach/logincname", "anon");
		map.put("/coach/sendCode", "anon");
		map.put("/coach/loginphone", "anon");
		map.put("/coach/**", "anon");
		map.put("/coach/addFreetimeByCid", "anon");
		map.put("/coach/updateCoachInformation", "anon");
		map.put("/coach/findrelationship", "anon");
		map.put("/coach/findrelationship2", "anon");
		map.put("/coach/addrelationship", "anon");
		map.put("/coach/bankcard", "anon");
		map.put("/coach/cash", "anon");
		map.put("/coach/coachrelationship", "anon");
		map.put("/venue/selectAll", "anon");
		map.put("/coach/wallet", "anon");
		map.put("/coach/myuser", "anon");
		map.put("/coach/pay", "anon");
		map.put("/coach/**", "anon");
		map.put("/coach/**", "anon");
		map.put("/coach/**", "anon");
		map.put("/coach/**", "anon");
		map.put("/coach/**", "anon");
		map.put("/coach/**", "anon");
		map.put("/coach/**", "anon");
		map.put("/coach/**", "anon");
		map.put("/user/**", "anon");
		map.put("/venue/venueLogin.html", "anon");
		map.put("/venue/qqLogin.html", "anon");
		map.put("/venue/register", "anon");
		map.put("/venue/venueRegister.html", "anon");
		map.put("/venue/login/*", "anon");
		map.put("/coach/login2.html", "anon");
		map.put("/coach/regist", "anon");
		map.put("/coach/regist.html", "anon");
		map.put("*/index.html", "anon");
		map.put("/error/**", "anon");
		map.put("/**/css/**", "anon");
		map.put("/**/fonts/**", "anon");
		map.put("/**/layer/**", "anon");
		map.put("/**/layui/**", "anon");
		map.put("/**/picture/**", "anon");
		map.put("/**/js/**", "anon");
		map.put("/**/images/**", "anon");
		map.put("/**/alipay/**", "anon");
		map.put("/logout", "logout");
		
//		map.put("/**", "authc");


		//设置
		factoryBean.setFilterChainDefinitionMap(map);
		return factoryBean;
	}
	/*
	 * 注解
	 */
	//生命周期管理器
	@Bean
	public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
		return new LifecycleBeanPostProcessor();
	}
	
	@Bean
	@DependsOn("lifecycleBeanPostProcessor")
	public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
		DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
		creator.setProxyTargetClass(true);
		return creator;
	}
	@Bean
	public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
		AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
		advisor.setSecurityManager(securityManager);
		return advisor;
	}
	/*
	 * 缓存
	 */
	@Bean
	public EhCacheManager ehCacheManager() {
		EhCacheManager manager = new EhCacheManager();
		//加载配置文件
		manager.setCacheManagerConfigFile("classpath:ehcache.xml");
		return manager;
	}
}







